/dev/bpf in a jail
Robroy Gregg
robroy at robroygregg.com
Tue Jan 10 17:04:14 UTC 2017
Good day Ernie,
On Tue, 10 Jan 2017, Ernie Luzar wrote:
> I trying to run tcpdump inside of a jail.
> Get following error message
> tcpdump: (cannot open device) /dev/bpf: No such file or directory
>
> Is it technical possible to do this?
Yeah, I have tcpdump working in a jail on 10.3-RELEASE, named "beak."
Here's the jail.conf for it:
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
host.hostname = $name;
path = /j/$name;
interface = igb0;
beak {
allow.raw_sockets;
devfs_ruleset = 7;
enforce_statfs = 1;
ip4.addr = 192.168.32.10;
}
And here's the /etc/devfs.conf for it:
[devfsrules_jail_bpf=7]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'bpf*' unhide
Wellbeing to you, Ernie.
Robroy
More information about the freebsd-questions
mailing list